Hi all,
Have been tinkering with blocking known attack source countries but cannot seem to get this working as expected.
I read that the IDS method was essentially replaced with the alias method and have followed the guides I have found on this forum to try it out with no luck.
I have enclosed screenshots of my alias and firewall rules to help with identifying where I might be going wrong.
Any ideas?
Thanks,
Manaki
Have you increased your Firewall Maximum Table Entries? Firewall: Settings: Advanced, set to 1000000 or more.
Cheers,
Franco
Curiousity hoe are you trying to block those countries ?
If you are gonna use a firewall rules on the wan make sure your firewall have enough resources.
I've tried it before and my firewall cpu was overloaded which causes voip phones issues
Hey Franco,
Thanks for that clarification. Seems it is working but as pointed out by Julien, there is an issue with memory. I have only 4GB/8GB allocated to my installation.
I know in the alias I provided, I have quite a few countries selected for blocking. Truth is, I only really care about blocking aggressive attack countries like 'CN', 'RU'.
Is there any other way to do it that is not so memory intensive?
Thanks,
Naki